From 6d919a01040e46b22e218811127f0bac2a12f267 Mon Sep 17 00:00:00 2001 From: Cy Schubert Date: Mon, 8 Jun 2020 20:40:09 +0000 Subject: [PATCH] Upstream commit message: [PATCH 3/3] WPS UPnP: Handle HTTP initiation failures for events more properly While it is appropriate to try to retransmit the event to another callback URL on a failure to initiate the HTTP client connection, there is no point in trying the exact same operation multiple times in a row. Replve the event_retry() calls with event_addr_failure() for these cases to avoid busy loops trying to repeat the same failing operation. These potential busy loops would go through eloop callbacks, so the process is not completely stuck on handling them, but unnecessary CPU would be used to process the continues retries that will keep failing for the same reason. Obtained from: https://w1.fi/security/2020-1/\ 0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch Security: VU#339275 and CVE-2020-12695 --- src/wps/wps_upnp_event.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wps/wps_upnp_event.c b/src/wps/wps_upnp_event.c index fd225b06c0c6..a6018fcf98e9 100644 --- a/src/wps/wps_upnp_event.c +++ b/src/wps/wps_upnp_event.c @@ -294,7 +294,7 @@ static int event_send_start(struct subscription *s) buf = event_build_message(e); if (buf == NULL) { - event_retry(e, 0); + event_addr_failure(e); return -1; } @@ -302,7 +302,7 @@ static int event_send_start(struct subscription *s) event_http_cb, e); if (e->http_event == NULL) { wpabuf_free(buf); - event_retry(e, 0); + event_addr_failure(e); return -1; }